Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Yusei Tahara
slapos
Commits
8d221be7
Commit
8d221be7
authored
Jul 22, 2015
by
Alain Takoudjou
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
kvm-cluster: setup apache http server for sharing files with vms
parent
80b99e40
Changes
6
Hide whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
68 additions
and
45 deletions
+68
-45
software/kvm/common.cfg
software/kvm/common.cfg
+6
-5
software/kvm/instance-kvm-cluster.cfg.jinja2.in
software/kvm/instance-kvm-cluster.cfg.jinja2.in
+26
-32
software/kvm/instance-kvm-http.cfg.in
software/kvm/instance-kvm-http.cfg.in
+19
-4
software/kvm/instance-kvm.cfg.jinja2
software/kvm/instance-kvm.cfg.jinja2
+1
-1
software/kvm/instance.cfg.in
software/kvm/instance.cfg.in
+1
-0
software/kvm/template/apache.conf.in
software/kvm/template/apache.conf.in
+15
-3
No files found.
software/kvm/common.cfg
View file @
8d221be7
...
...
@@ -87,7 +87,7 @@ command =
[template]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg.in
md5sum =
cf67212d3155767d0d0d8a6d75d2d8ad
md5sum =
3bca2c959d19881270c64f94ad1ebba8
output = ${buildout:directory}/template.cfg
mode = 0644
...
...
@@ -95,7 +95,7 @@ mode = 0644
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/instance-kvm.cfg.jinja2
mode = 644
md5sum =
55eb9cb0d85dedbda0f03986cef261db
md5sum =
ea1e8f4a7c1878beec83267fd40728c2
download-only = true
on-update = true
...
...
@@ -103,7 +103,7 @@ on-update = true
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/instance-kvm-cluster.cfg.jinja2.in
mode = 644
md5sum =
1e4d8eade6d291480e5112ef9f31f031
md5sum =
5a864099760e3a37fa4604044d708657
download-only = true
on-update = true
...
...
@@ -173,7 +173,7 @@ recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/template/apache.conf.in
mode = 644
filename = apache.conf.in
md5sum =
91f05377aff35ffbac7f2687e90b5dcc
md5sum =
e9c9fd88d71e9dc7416149af5bcfb951
download-only = true
on-update = true
...
...
@@ -191,9 +191,10 @@ recipe = slapos.recipe.template:jinja2
filename = template-httpd.cfg
template = ${:_profile_base_location_}/instance-kvm-http.cfg.in
rendered = ${buildout:parts-directory}/${:_buildout_section_name_}/instance-kvm-http.cfg
md5sum =
84b96dfc78e8d2611bf7210b8b6bb9c5
md5sum =
fc8b3259942d6dedbc01065358a00d71
context =
key apache_location apache:location
raw openssl_executable_location ${openssl:location}/bin/openssl
raw template_apache_conf ${template-apache-conf:location}/${template-apache-conf:filename}
software/kvm/instance-kvm-cluster.cfg.jinja2.in
View file @
8d221be7
...
...
@@ -66,19 +66,19 @@ config-data-to-vm = {{ dumps(kvm_parameter_dict.get('data-to-vm', '')) }}
{% endif -%}
# Enable simple http server on ipv6 so all VMs will access it
config-document-host = ${
http-server:host
}
config-document-port = ${
http-server
:port}
config-document-path = ${h
ttp-server:path
}
config-document-host = ${
apache-conf:ip
}
config-document-port = ${
apache-conf
:port}
config-document-path = ${h
ash-code:passwd
}
return =
backend-url
url
{% if
use_nat
.lower() -%}
{% if
str(use_nat)
.lower() -%}
{% for port in nat_rules_list -%}
{{ ' ' }}nat-rule-url-{{ port }}
{% endfor -%}
{% endif -%}
{% if
kvm_parameter_dict.get('use-tap', 'True'
).lower() == 'true' -%}
{% if
str(kvm_parameter_dict.get('use-tap', 'True')
).lower() == 'true' -%}
{{ ' ' }}tap-ipv4
{% do publish_dict.__setitem__('lan-' ~ instance_name, '${' ~ section ~ ':connection-tap-ipv4}') -%}
...
...
@@ -135,6 +135,11 @@ sla-instance_guid = {{ slave_frontend_iguid }}
{% endfor %}
# Enable simple http server on ipv6 so all VMs will access it
[hash-code]
recipe = slapos.cookbook:generate.password
storage-path = ${directory:etc}/code
bytes = 24
[directory]
recipe = slapos.cookbook:mkdirectory
etc = ${buildout:directory}/etc
...
...
@@ -144,34 +149,19 @@ var = ${buildout:directory}/var
log = ${:var}/log
scripts = ${:etc}/run
services = ${:etc}/service
documen
t = ${:srv}/document
webroo
t = ${:srv}/document
promises = ${:etc}/promise
ssl = ${:etc}/ssl
[http-ssl]
recipe = plone.recipe.command
command = "{{ openssl_executable_location }}" req -newkey rsa -batch -new -x509 -days 3650 -nodes -keyout "${:key}" -out "${:cert}"
key = ${directory:ssl}/key
cert = ${directory:ssl}/cert
update-command =
stop-on-error = true
[http-server]
recipe = slapos.cookbook:simplehttpserver
host = {{ ipv6 }}
[directory-doc]
recipe = slapos.cookbook:mkdirectory
document = ${directory:webroot}/${hash-code:passwd}
[apache-conf]
denied-root-access = true
root = ${directory:webroot}/
index = ${directory:webroot}/${hash-code:passwd}
port = 9002
base-path = ${directory:document}
wrapper = ${directory:services}/simple-http-server
log-file = ${directory:log}/http.log
cert-file = ${http-ssl:cert}
key-file = ${http-ssl:key}
use-hash-url = true
[http-promise]
recipe = slapos.cookbook:check_port_listening
path = ${directory:promises}/http-server
hostname = ${http-server:host}
port = ${http-server:port}
{% if len(kvm_hostname_list) -%}
{% do part_list.append('write-vm-hostname') -%}
...
...
@@ -179,7 +169,7 @@ port = ${http-server:port}
recipe = slapos.recipe.template:jinja2
template = {{ template_content }}
filename = hosts
rendered = ${
http-server:root-dir
}/${:filename}
rendered = ${
directory:webroot}/${hash-code:passwd
}/${:filename}
context =
raw content_list {{ kvm_hostname_list | join('#') }}
raw sep #
...
...
@@ -207,10 +197,14 @@ recipe = slapos.cookbook:publish
{{ name }} = {{ value }}
{% endfor %}
[buildout]
extends =
{{ template_httpd_cfg }}
parts =
http
-server
http-promise
http
d
http
d
-promise
publish
directory-doc
# Complete parts with sections
{{ part_list | join('\n ') }}
...
...
software/kvm/instance-kvm-http.cfg.in
View file @
8d221be7
...
...
@@ -14,33 +14,48 @@ log = ${:var}/log
services = ${:etc}/service
promises = ${:etc}/promise
run = ${:var}/run
document = ${:srv}/document
ssl = ${:etc}/ssl
[apache-conf]
recipe = slapos.recipe.template:jinja2
template = {{ template_apache_conf }}
rendered = ${directory:etc}/apache.conf
#ipv6
= ${slap-network-information:global-ipv6}
ipv4 = ${slap-network-information:local-ipv4}
ip
= ${slap-network-information:global-ipv6}
#
ipv4 = ${slap-network-information:local-ipv4}
port = ${slap-parameter:httpd-port}
error-log = ${directory:log}/apache-error.log
access-log = ${directory:log}/apache-access.log
pid-file = ${directory:run}/apache.pid
index = ${directory:public}
root = {:index}
denied-root-access = false
context =
key port :port
key ip :ip
v4
key ip :ip
key access_log :access-log
key error_log :error-log
key pid_file :pid-file
key index_folder :index
key cert httpd-ssl:cert
key key httpd-ssl:key
key document_root :root
[httpd]
recipe = slapos.cookbook:wrapper
wrapper-path = ${directory:services}/httpd
command-line = "{{ apache_location }}/bin/httpd" -f "${apache-conf:rendered}" -DFOREGROUND
[httpd-ssl]
recipe = plone.recipe.command
command = "{{ openssl_executable_location }}" req -newkey rsa -batch -new -x509 -days 3650 -nodes -keyout "${:key}" -out "${:cert}"
key = ${directory:ssl}/key
cert = ${directory:ssl}/cert
update-command =
stop-on-error = true
[httpd-promise]
recipe = slapos.cookbook:check_port_listening
path = ${directory:promises}/apache-httpd
hostname = ${apache-conf:ip
v4
}
hostname = ${apache-conf:ip}
port = ${apache-conf:port}
\ No newline at end of file
software/kvm/instance-kvm.cfg.jinja2
View file @
8d221be7
...
...
@@ -135,7 +135,7 @@ external-disk-number = ${slap-parameter:external-disk-number}
external-disk-size = ${slap-parameter:external-disk-size}
external-disk-format = ${slap-parameter:external-disk-format}
{% if enable_http == 'tue' or ( use_tap == 'true' and tap_network_dict.has_key('ipv4') ) -%}
{% if enable_http == 't
r
ue' or ( use_tap == 'true' and tap_network_dict.has_key('ipv4') ) -%}
httpd-port = ${slap-parameter:httpd-port}
{% else -%}
httpd-port = 0
...
...
software/kvm/instance.cfg.in
View file @
8d221be7
...
...
@@ -67,6 +67,7 @@ filename = template-kvm-cluster.cfg
extra-context =
section parameter_dict dynamic-template-kvm-cluster-parameters
raw template_content ${template-content:location}/${template-content:filename}
raw template_httpd_cfg ${template-httpd:rendered}
[dynamic-template-kvm]
recipe = slapos.recipe.template:jinja2
...
...
software/kvm/template/apache.conf.in
View file @
8d221be7
...
...
@@ -27,6 +27,17 @@ ServerTokens Prod
ServerSignature Off
TraceEnable Off
SSLEngine on
SSLCertificateFile {{ cert }}
SSLCertificateKeyFile {{ key }}
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLProtocol All -SSLv2
SSLProxyEngine On
DocumentRoot {{ document_root }}
ErrorLog "{{ error_log }}"
# Default apache log format with request time in microsecond at the end
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %D" combined
...
...
@@ -40,10 +51,11 @@ SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
Require all denied
</Directory>
DocumentRoot {{ index_folder }}
<Directory {{ index_folder }}>
Options Indexes FollowSymLinks
Require ip {{ ip }}
#
Require ip {{ ip }}
# Require env forwarded '{{ ip }}'
Require all denied
# Require all denied
AllowOverride None
Require all granted
</Directory>
\ No newline at end of file
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment